]>
Commit | Line | Data |
---|---|---|
8925debd GKH |
1 | From 6203554207728f43cfb9fd48585cd6500da73d42 Mon Sep 17 00:00:00 2001 |
2 | From: Linus Torvalds <torvalds@linux-foundation.org> | |
3 | Date: Tue, 29 Apr 2008 11:45:16 -0700 | |
4 | Subject: drivers/net/tehuti: use proper capability check for raw IO access | |
5 | ||
6 | From: Linus Torvalds <torvalds@linux-foundation.org> | |
7 | ||
8 | commit 6203554207728f43cfb9fd48585cd6500da73d42 in mainline. | |
9 | ||
10 | Yeah, in practice they both mean "root", but Alan correctly points out | |
11 | that anybody who gets to do raw IO space accesses should really be using | |
12 | CAP_SYS_RAWIO rather than CAP_NET_ADMIN. | |
13 | ||
14 | Pointed-out-by: Alan Cox <alan@lxorguk.ukuu.org.uk> | |
15 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |
16 | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | |
17 | ||
18 | --- | |
19 | drivers/net/tehuti.c | 2 +- | |
20 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
21 | ||
22 | --- a/drivers/net/tehuti.c | |
23 | +++ b/drivers/net/tehuti.c | |
24 | @@ -649,7 +649,7 @@ static int bdx_ioctl_priv(struct net_dev | |
25 | DBG("%d 0x%x 0x%x\n", data[0], data[1], data[2]); | |
26 | } | |
27 | ||
28 | - if (!capable(CAP_NET_ADMIN)) | |
29 | + if (!capable(CAP_SYS_RAWIO)) | |
30 | return -EPERM; | |
31 | ||
32 | switch (data[0]) { |